Static task
static1
Behavioral task
behavioral1
Sample
62e844e4e0ad8b_JC.exe
Resource
win7-20230712-en
windows7-x64
Behavioral task
behavioral2
Sample
62e844e4e0ad8b_JC.exe
Resource
win10v2004-20230703-en
windows10-2004-x64
Target
62e844e4e0ad8b_JC.exe
Size
4.4MB
MD5
62e844e4e0ad8b4932427cf901205ea4
SHA1
0b69c0f5ed0dcfbb32d5a23a66deb11a55f2fd9c
SHA256
dac6e223f2408142d396cc25f0aa855b73eb51ff2e4b9385871067de26281f9c
SHA512
fd62467e63096ee908ddedf224c2547b92ee63ee44506ad762857f37ee706a3c946d10c3c04709a3e7865b73a312b1f5a23d5aab9b25e49bb78850d079e2aa00
SSDEEP
98304:Vh77vJ0FujchiCqCC6dfRlKW8LSlcp4GcM:V5vJQndfuWYS+KGcM
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
GetModuleHandleW
CreateRemoteThread
IsWow64Process
ExitProcess
CreateDirectoryW
SetFileTime
SetFilePointer
CreateFileW
GetFileAttributesW
LocalFileTimeToFileTime
GetCurrentDirectoryW
SystemTimeToFileTime
GetFileInformationByHandle
FileTimeToSystemTime
DisconnectNamedPipe
WriteFile
CreateNamedPipeA
WaitNamedPipeA
ReadFile
WideCharToMultiByte
MultiByteToWideChar
ExpandEnvironmentStringsA
GetLastError
FindResourceW
ReadProcessMemory
LoadResource
ResetEvent
VirtualAllocEx
LockResource
SetEvent
Sleep
CreateEventW
SetCurrentDirectoryA
GetCurrentDirectoryA
WaitForSingleObject
SetEndOfFile
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
SetStdHandle
HeapSize
HeapReAlloc
GetConsoleOutputCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
HeapFree
GetProcAddress
QueryFullProcessImageNameA
OpenProcess
GetModuleHandleA
WriteProcessMemory
ConnectNamedPipe
CloseHandle
WritePrivateProfileStringA
CreateFileA
HeapAlloc
SetFilePointerEx
GetFileSizeEx
GetModuleFileNameW
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetDriveTypeW
SetConsoleCtrlHandler
GetModuleHandleExW
SetLastError
QueryPerformanceCounter
QueryPerformanceFrequency
InitializeSRWLock
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStdHandle
GetFileType
GetSystemDirectoryA
FreeLibrary
LoadLibraryA
FormatMessageA
GetEnvironmentVariableW
VirtualFree
GetACP
SwitchToFiber
DeleteFiber
CreateFiberEx
GetCurrentProcessId
GetSystemTimeAsFileTime
ConvertFiberToThread
ConvertThreadToFiberEx
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
FindClose
FindFirstFileW
FindNextFileW
GetSystemTime
LocalFree
GetLocaleInfoEx
FindFirstFileExW
GetFileAttributesExW
GetFullPathNameW
SetFileInformationByHandle
AreFileApisANSI
GetFileInformationByHandleEx
WakeAllConditionVariable
SleepConditionVariableSRW
GetCPInfoExW
InitOnceComplete
InitOnceBeginInitialize
WaitForSingleObjectEx
GetExitCodeThread
RaiseException
TryAcquireSRWLockExclusive
InitializeConditionVariable
WakeConditionVariable
LCMapStringEx
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
CompareStringEx
GetCPInfo
GetStringTypeW
InitializeCriticalSectionAndSpinCount
InitializeSListHead
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
InterlockedPushEntrySList
LoadLibraryExW
CreateThread
ExitThread
FreeLibraryAndExitThread
SizeofResource
wsprintfW
GetUserObjectInformationW
GetProcessWindowStation
MessageBoxW
CryptEnumProvidersW
DeregisterEventSource
RegisterEventSourceW
ReportEventW
CryptAcquireContextW
CryptReleaseContext
CryptDestroyKey
CryptSetHashParam
CryptGetProvParam
CryptGetUserKey
CryptExportKey
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
ConvertStringSecurityDescriptorToSecurityDescriptorW
CryptDecrypt
CryptCreateHash
CryptDestroyHash
CryptSignHashW
SHGetSpecialFolderPathA
gethostbyaddr
inet_ntoa
inet_addr
htons
htonl
gethostbyname
getservbyname
WSASetLastError
__WSAFDIsSet
closesocket
select
shutdown
WSASocketW
inet_pton
getaddrinfo
getpeername
getsockname
send
socket
ntohs
connect
recv
WSAStartup
getservbyport
getsockopt
freeaddrinfo
ioctlsocket
getnameinfo
setsockopt
WSAGetLastError
WSACleanup
CertDuplicateCertificateContext
CertFindCertificateInStore
CertOpenStore
CertCloseStore
CertEnumCertificatesInStore
CertOpenSystemStoreW
CertFreeCertificateContext
CertGetCertificateContextProperty
NtQueryInformationProcess
NtQuerySystemInformation
StrStrIA
BCryptGenRandom
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ